Cyber Honey Trap: Hackers Hit PornHub Users With Malvertising Attack

This particular type of malware is known as "malvertising" as it causes more dodgy ads to spread, leading to more victims of the attack.

Millions of Pornhub users were targeted with a malvertising attack that sought to trick them into installing malware on their PCs, Proofpoint said.

The attack apparently had been active for over a year and "exposed millions of potential victims in the US, Canada, the United Kingdom, and Australia", according to Proofpoint, a security company cited by the Guardian.

In the case of Pornhub, Proofpoint said users were shown fake ads urging them to click to download a new version or Flash update to their web browser - but would instead infect their computers.

Visitors to adult website PornHub may have been infected by malware after hackers infiltrated the site's advertising supply chain, according to researchers. If the false update was downloaded, Kovter was then on the user's device, taking it over to click on fake ads on spam sites - earning cash for KovCoreG.

The hack was carried out by a group known as KovCoreG, Proofpoint said, who hoped to infect users with an ad fraud malware known as Kovter. If downloaded and activated by users, the software infected their computers with Kovter - a program that hijacks a computer and uses it to generate clicks on fake ads which generate money for the websites they're hosted on.

Although ad fraud was the name of the game this time, the payload could easily have been changed to infect users with ransomware, or information-stealers, Epstein added.

According to Epstein this only confirms that attackers will always follow the money, and to do so they will continue to create and ideal combinations of techniques involving social engineering, targeting, and pre-filtering to affect as many users as possible.

These malvertising campaigns are a popular mechanism for hackers to spread malware and Mark James, a security specialist at IT firm ESET, told The Guardian that Pornhub was a flawless target.

To stay protected against malware and malvertising, security expert Javvad Malik from the security firm AlienVault told Newsweek it's important people do not forget to not click on links in pop-ups and to stay on reputable sites.

"There has been an upturn in the number of reputable organizations distributing malvertising", Malik says.

"The audience is possibly less likely to have security in place or active as people's perception is that it's already a dark place to surf". "Also, the user may be less likely to call for help and try to click through any popups or install any software themselves, not wanting others to see their browsing habits".

Comments

Latest Posts

Google Duo will soon be adding a screen sharing feature
With ViLTE (Video Over LTE), users can immediately switch to Video call even while in between a normal voice call. Now, we have v20 of Duo hitting stock Android devices and a teardown brings an interesting finding to the fore.

Astronauts take a spacewalk to lubricate robotic arm
After lubricating the robotic arm , the two USA astronauts replaced the camera present on the station's truss. A third spacewalk in the series is scheduled October 18 by Bresnik and station flight engineer Joe Acaba.

Google Home Mini Turns Into A 24/7 Spy On One Tech Reporter
The rationale behind the move is Google giving people "complete peace of mind" when they use Google Home Mini , the company said. This raised a serious privacy concern and Google acknowledged earlier this week that the bug affected a small number of units.

Foldable iPhone in the works
The news comes after a patent was filed by Apple in February this year, describing a folding smartphone with a fabric cover. LG has reportedly completed its own foldable OLED panel prototype and has been upgrading the durability and the yield rate.

Pilgrim's Pride Corporation (PPC) Analysts See $0.71 EPS
They expect this year's earnings to rise 49.13% year-over-year to $2.58, followed by 5.81% growth in the next year to $2.73. Pilgrim's Pride Corporation (NASDAQ:PPC) appreciated by 0.77% at $28.97, after hitting low of $28.76 in an intra-day trade.